Transport Layer CE-143 for CNE-0802
Last Week Summary
OSI vs. TCP/IP Stack Layering: FTP Example
The 7-layer OSI model: Application, Presentation, Session, Transport, Network, Link, Physical.
The 4-layer Internet model, with the FTP example:
- Application: FTP (ASCII/Binary)
- Transport: TCP
- Network: IP
- Link: Ethernet
Local Area Network (LAN)
- High-speed data network over a small region (a few thousand meters)
- Network technologies: Ethernet, FDDI, Token Ring
- Data link layer: packets are routed based on the physical address (MAC)
(Figure: two LANs, LAN 1 and LAN 2)
Connecting Below the Internet Level
- Hub: center of a star topology; in Ethernet, a multiport repeater or concentrator
- Bridge: connects 2 networks of the same technology (an extended LAN); filters, forwards, or floods frames based on MAC address; works at the link layer (frames)
- Switch: connects 2 or more networks (a packet-switched network); reduces collisions
(Figure: hub, bridge, switch)
Connecting at the Internet Level
- Router (originally called a gateway)
- Forwards packets based on network layer information (IP)
- Separates broadcast domains
- In each domain, the IP packet is encapsulated in a domain-specific packet
Internet Protocol
The main difference from the OSI model: the TCP/IP model does not specifically define the Physical and Data Link layers; it leaves those to other technologies.
The other difference: the TCP/IP model does not define Session and Presentation layers; their roles are inherently part of the Application layer.
IP Addresses
- 4 8-bit numbers (hierarchical), 32 bits in total
- Specifies both network and host
- The number of bits allocated to specify the network varies
- Three classes (leading bits | net | host):
  - Class A: 0 | net | host
  - Class B: 10 | net | host
  - Class C: 110 | net | host
Summary of IP Layer
IP layer services:
- Connectionless / datagram
- Unreliable / best effort
Functions of the IP layer:
- Provide end-to-end connection between hosts
- Provide routing, reassembling, fragmenting, and defragmenting
Transport Layer
- Provides logical communication between application processes running on different hosts
- Transport protocols run in end systems
- Network layer: data transfer between end systems
- Transport layer: data transfer between processes
- Relies on network layer services
Basic function of the transport layer
- Simplest function of the transport layer: multiplexing/demultiplexing of messages
  - Enables processes on different systems to communicate
  - End-to-end, since only processes on end hosts invoke this protocol
- Segmenting
- Main task: carry out the transmission of the whole file/stream/data from the application layer on one host to another
- Multiplexing and demultiplexing via port numbers
  - Ports are addresses on individual hosts, not across the Internet
  - Ports are established using well-known values first: port 80 = HTTP, port 53 = DNS
Multiplexing/demultiplexing
- Based on sender and receiver port numbers and IP addresses
- Source and destination port numbers are carried in each segment
- Recall: well-known port numbers for specific applications
- Multiplexing: gathering data from multiple application processes and enveloping the data with a header (later used for demultiplexing)
TCP/UDP segment format (32 bits wide): source port # | dest port #, other header fields, application data (message)
- Recall: segment = the unit of data exchanged between transport layer entities, aka TPDU (transport protocol data unit)
- Demultiplexing: delivering received segments to the correct application layer processes
(Figure: message M from application processes P1-P4 passes through the transport and network layers; a segment is the segment header plus application-layer data, wrapped in turn by the transport header Ht and the network header Hn)
Multiplexing/demultiplexing: examples
- Port use in a simple telnet application: host A sends to server B with source port x, dest. port 23; B replies with source port 23, dest. port x.
- Port use for a Web server B: Web client host A sends source IP A, dest IP B, source port x, dest. port 80; Web client host C sends source IP C, dest IP B, source port x, dest. port 80, and a second connection from C uses source port y, dest. port 80.
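A worked model of the demultiplexing rule behind this slide, written as an added example that is not part of the lecture: server B keeps listening sockets by local port and connected sockets by the full 4-tuple, so clients A and C can both use source port x (5000 here, a constructed value) toward port 80 without their segments being confused. All addresses, ports and process labels are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes = b""

class TcpDemuxer:
    """Model of one host's TCP socket table. Connected sockets are keyed by the full
    4-tuple; listening sockets only by local port. (Constructed model, not a real stack.)"""
    def __init__(self):
        self.listeners = {}     # local port -> process that called listen()
        self.connections = {}   # (local_ip, local_port, remote_ip, remote_port) -> process

    def listen(self, port, process):
        self.listeners[port] = process

    def accept(self, seg, process):
        """A SYN that reached the listener gets its own connected socket for that client."""
        self.connections[(seg.dst_ip, seg.dst_port, seg.src_ip, seg.src_port)] = process

    def demux(self, seg):
        key = (seg.dst_ip, seg.dst_port, seg.src_ip, seg.src_port)
        if key in self.connections:              # exact 4-tuple match wins
            return self.connections[key]
        return self.listeners.get(seg.dst_port)  # else a listener, else None (a real stack sends RST)

def run_slide_example():
    """Constructed scenario from the slide: clients A and C both pick source port x (= 5000)."""
    server_b = TcpDemuxer()
    server_b.listen(80, "web server (listening)")
    syn_a = Segment("10.0.0.1", 5000, "10.0.0.2", 80)
    syn_c = Segment("10.0.0.3", 5000, "10.0.0.2", 80)
    hit_listener = (server_b.demux(syn_a), server_b.demux(syn_c))   # both SYNs reach the listener
    server_b.accept(syn_a, "web worker for A")
    server_b.accept(syn_c, "web worker for C")
    req_a = Segment("10.0.0.1", 5000, "10.0.0.2", 80, b"GET / HTTP/1.1")
    req_c = Segment("10.0.0.3", 5000, "10.0.0.2", 80, b"GET / HTTP/1.1")
    stray = Segment("10.0.0.9", 4444, "10.0.0.2", 8080)             # nobody listens on 8080
    return {"listener": hit_listener, "A": server_b.demux(req_a),
            "C": server_b.demux(req_c), "stray": server_b.demux(stray)}
```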
Other transport layer functions
- Connection control: setting up and tearing down communication between processes
- Error detection within packets (our first focus): checksums
- Reliable, in-order delivery of packets (our second focus): acknowledgement schemes
- Flow control: matching sending and receiving rates between end hosts
- Congestion control: managing congestion in the network
Transport in the TCP/IP Model
- TCP: reliable, in-order unicast delivery; congestion control; flow control; connection setup
- UDP: unreliable ("best-effort"), unordered unicast or multicast delivery; no congestion control, no flow control, no connection setup
- Services not available: real-time delivery, bandwidth guarantees, reliable multicast
Transmission Control Protocol
Characteristics
- Connection-oriented: set up the connection first, before transmitting data
- Point-to-point
- Reliable, in-order byte stream
- Flow controlled
- Full duplex data
Three Phases of Connection Setup
- Establish connection
- Data transfer
- Terminate connection
Establishing the Connection
Step 1: client host sends a TCP SYN segment to the server
Step 2: server host receives the SYN, replies with SYN ACK, and prepares its buffer
Step 3: client receives the SYN ACK, replies with ACK
Data Transfer
Terminating the Connection
Connection close/teardown: 2 x 2-way handshake between the (active) client and the (passive) server: FIN, (data +) ACK, FIN, ACK.
Step 1: client host sends a TCP FIN segment to the server
Step 2: server host receives the FIN, replies with ACK
Step 3: client receives FIN, replies with ACK
Step 4: server receives ACK, connection closed
Connection States
State         Description
CLOSED        No active connection
LISTEN        The server is waiting for an incoming connection
SYN RCVD      SYN has arrived; wait for ACK
SYN SENT      Started to open a connection
ESTABLISHED   Normal data transfer state
FIN WAIT 1    Application has asked to finish
FIN WAIT 2    Other side agreed to finish
TIME WAIT     Wait for all packets to die off
CLOSING       Both sides have tried to close simultaneously
CLOSE WAIT    The other side has initiated release
LAST ACK      Wait for all packets to die off
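An added example, not from the lecture, that encodes the state table above as a transition table and drives two endpoints through the slide's setup and teardown steps; it also shows the server parked in SYN RCVD when a client sends a SYN and never finishes the handshake. The event names and the TcpEndpoint class are my own.

```python
TRANSITIONS = {  # (current state, event): (next state, segment sent)
    ("CLOSED", "passive_open"):   ("LISTEN", None),
    ("CLOSED", "active_open"):    ("SYN_SENT", "SYN"),
    ("LISTEN", "recv_SYN"):       ("SYN_RCVD", "SYN+ACK"),
    ("SYN_SENT", "recv_SYN+ACK"): ("ESTABLISHED", "ACK"),
    ("SYN_RCVD", "recv_ACK"):     ("ESTABLISHED", None),
    ("ESTABLISHED", "close"):     ("FIN_WAIT_1", "FIN"),
    ("ESTABLISHED", "recv_FIN"):  ("CLOSE_WAIT", "ACK"),
    ("FIN_WAIT_1", "recv_ACK"):   ("FIN_WAIT_2", None),
    ("FIN_WAIT_1", "recv_FIN"):   ("CLOSING", "ACK"),
    ("FIN_WAIT_2", "recv_FIN"):   ("TIME_WAIT", "ACK"),
    ("CLOSING", "recv_ACK"):      ("TIME_WAIT", None),
    ("CLOSE_WAIT", "close"):      ("LAST_ACK", "FIN"),
    ("LAST_ACK", "recv_ACK"):     ("CLOSED", None),
    ("TIME_WAIT", "timeout"):     ("CLOSED", None),
}

class TcpEndpoint:
    def __init__(self):
        self.state, self.history = "CLOSED", ["CLOSED"]
    def fire(self, event):
        """Apply one event; return the segment to send, or None. Unknown events are ignored."""
        step = TRANSITIONS.get((self.state, event))
        if step is None:
            return None                       # a real stack would drop the segment or send RST
        self.state, sent = step
        self.history.append(self.state)
        return sent

def exchange(a, b, event):
    """Fire `event` on a, then relay each reply to the other side until nobody sends."""
    seg, receiver = a.fire(event), b
    while seg:
        seg = receiver.fire("recv_" + seg)
        receiver = a if receiver is b else b

def full_lifecycle():
    """The slide's 3-step setup, then its 4-step teardown initiated by the client."""
    client, server = TcpEndpoint(), TcpEndpoint()
    server.fire("passive_open")
    exchange(client, server, "active_open")   # SYN, SYN+ACK, ACK
    exchange(client, server, "close")         # FIN from client, ACK from server
    exchange(server, client, "close")         # FIN from server, ACK from client
    client.fire("timeout")                    # TIME_WAIT expires
    return client.history, server.history

def half_open_server():
    """'Host sends SYN and stops': SYN+ACK goes out, the final ACK never arrives."""
    server = TcpEndpoint()
    server.fire("passive_open")
    server.fire("recv_SYN")
    return server.state
```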
TCP Header
Encapsulation: IP Hdr | IP Data, where the IP data is TCP Hdr | TCP Data.
TCP header fields (32 bits wide):
- Src port | Dst port
- Sequence #
- Ack Sequence #
- HLEN (4 bits) | RSVD (6 bits) | Flags: URG ACK PSH RST SYN FIN | Window Size
- Checksum | Urg Pointer
- (TCP Options)
- TCP Data
Src/dst port numbers and IP addresses uniquely identify a socket.
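An added example, not part of the lecture, that packs and parses the 20-byte header laid out above and verifies the checksum, which for TCP covers an IPv4 pseudo-header (source/destination addresses, protocol number 6, TCP length) plus the segment itself. The addresses, ports and sequence number are constructed.

```python
import struct
import ipaddress

FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")   # bits 0..5 of the flags byte

def ones_complement_sum(data):
    """16-bit one's-complement sum with end-around carry (the Internet checksum core)."""
    if len(data) % 2:
        data += b"\x00"                                        # odd length: pad the last word
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def tcp_checksum(src_ip, dst_ip, segment):
    """Checksum over the IPv4 pseudo-header (src, dst, zero, protocol 6, TCP length) + segment."""
    pseudo = struct.pack("!4s4sBBH", ipaddress.IPv4Address(src_ip).packed,
                         ipaddress.IPv4Address(dst_ip).packed, 0, 6, len(segment))
    return (~ones_complement_sum(pseudo + segment)) & 0xFFFF

def parse_tcp(segment):
    """Split a TCP segment into the fields drawn on the slide."""
    src, dst, seq, ack, off, flags, win, csum, urg = struct.unpack("!HHIIBBHHH", segment[:20])
    hlen = (off >> 4) * 4                                      # HLEN counts 32-bit words
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack, "hlen": hlen,
            "flags": [n for i, n in enumerate(FLAG_NAMES) if flags & (1 << i)],
            "window": win, "checksum": csum, "urg_ptr": urg,
            "options": segment[20:hlen], "data": segment[hlen:]}

def build_syn(src_ip, dst_ip, src_port, dst_port, seq, window=65535):
    """Construct a bare SYN (no options, HLEN = 5 words, ack = 0) with a valid checksum."""
    hdr = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, 0x02, window, 0, 0)
    return hdr[:16] + struct.pack("!H", tcp_checksum(src_ip, dst_ip, hdr)) + hdr[18:]

def checksum_ok(src_ip, dst_ip, segment):
    """A correctly checksummed segment sums to all ones, so recomputing over it yields 0."""
    return tcp_checksum(src_ip, dst_ip, segment) == 0
```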
Reliability & Flow Control
- Sequence numbers & acknowledgements (ACKs)
  - Receiver detects corrupt, lost, duplicated, and out-of-order packets
  - Tells the sender which packets it has received correctly
  - Sender can resend
- In-flight window (window size)
  - Sender only has N unacknowledged packets "in
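An added simulation, not from the lecture, of the mechanisms on this slide: sequence numbers, a cumulative ACK, a window of N unacknowledged packets, and a receiver that classifies each arrival as accepted, duplicate, or out of order. The loss pattern is constructed and injected explicitly; the retransmission rule used is Go-Back-N, one simple instance of the acknowledgement schemes the slide refers to.

```python
def simulate(total, window, lost_data=(), lost_acks=()):
    """Go-Back-N style sender and receiver over a constructed lossy channel.
    lost_data: seqs whose first copy is lost; lost_acks: 1-based ACK rounds that are lost.
    Returns (delivered seqs in order, number of transmissions, receiver log). window >= 1."""
    lost_data, lost_acks = set(lost_data), set(lost_acks)
    base = next_seq = expected = 0      # window is [base, base+window); receiver wants `expected`
    delivered, log, sends, rounds = [], [], 0, 0
    while base < total:
        while next_seq < min(base + window, total):    # at most `window` packets in flight
            seq, next_seq, sends = next_seq, next_seq + 1, sends + 1
            if seq in lost_data:
                lost_data.discard(seq)                  # lost once; the retransmission gets through
                log.append(f"seq {seq}: lost in network")
            elif seq == expected:                       # exactly the one the receiver waits for
                delivered.append(seq)
                expected += 1
                log.append(f"seq {seq}: accepted")
            elif seq < expected:
                log.append(f"seq {seq}: duplicate, discarded")
            else:
                log.append(f"seq {seq}: out of order, discarded")
        rounds += 1
        ack = base if rounds in lost_acks else expected   # cumulative ACK = next seq wanted
        if ack > base:
            base = ack                                  # window slides forward
        else:
            next_seq = base                             # timeout: go back N, resend the window
    return delivered, sends, log
```

With lost_data={1} the sender must resend from sequence 1 after the ACK stops advancing; with a lost ACK the resent window shows up at the receiver as duplicates.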
Transmission Control Protocol (TCP)
The protocols that use TCP include:
- FTP (File Transfer Protocol)
- HTTP (Hypertext Transfer Protocol)
- SMTP (Simple Mail Transfer Protocol)
- Telnet
- POP3 (Post Office Protocol version 3)
UDP
User Datagram Protocol (UDP)
- Like TCP, in the transport layer
- Characteristics: connectionless (no connection setup), datagram (no sequence number), unreliable (no automatic retransmission)
- Adds only application multiplexing/demultiplexing and checksumming to IP
- Good for streaming media, real-time multiplayer networked games, VoIP
UDP
The protocols that use UDP include:
- TFTP (Trivial File Transfer Protocol)
- SNMP (Simple Network Management Protocol)
- DHCP (Dynamic Host Configuration Protocol)
- DNS (Domain Name System)
- RIP (Routing Information Protocol)
- Many MMORPG games use UDP (Ragnarok, Tantra, etc.)
TCP and UDP Port Numbers
Lesson to Try: Troubleshoot TCP
- Find a Web server and check its IP address
- Try to telnet to the server: telnet 80
- Note: 80 is the TCP port for the Web application
- Check the connection status via the netstat -an command
- If the connection is ESTABLISHED, the TCP service is OK. What happens if it isn't?
- Try to type GET HTTP/1.1
- Pay attention to the output!
Security Issues in the Transport Layer
- Denial of Service (DoS) and Distributed Denial of Service (DDoS)
- Buffer overflow: imagine a host sends a SYN and then stops; imagine a host sends many SYNs
- Session hijacking: an unclosed TCP session could be hijacked. Beware of this if you use a WARNET (Internet café)!!!
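An added example, not from the lecture, on the defender's side of the "host sends SYN and stops" scenario: it parses netstat -an output of the kind the troubleshooting lesson above asks you to inspect and counts half-open (SYN_RECV) connections per remote address, so a pile-up of unfinished handshakes on the server can be spotted and compared against the listen backlog. The netstat lines, addresses and alert threshold are all constructed.

```python
import re
from collections import Counter

# Constructed sample in the Linux `netstat -an` layout (Windows prints SYN_RECEIVED instead).
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.2:80             10.0.0.1:40001          ESTABLISHED
tcp        0      0 10.0.0.2:80             203.0.113.7:1025        SYN_RECV
tcp        0      0 10.0.0.2:80             203.0.113.7:1026        SYN_RECV
tcp        0      0 10.0.0.2:80             203.0.113.7:1027        SYN_RECV
tcp        0      0 10.0.0.2:80             203.0.113.7:1028        SYN_RECV
tcp        0      0 10.0.0.2:80             198.51.100.9:5555       SYN_RECV
tcp        0      0 10.0.0.2:22             10.0.0.5:51000          ESTABLISHED
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
"""

# proto, recv-q, send-q, local ip:port, foreign ip:port, state (IPv4 rows only in this model)
LINE = re.compile(r"^tcp\s+\d+\s+\d+\s+(\S+):(\d+)\s+(\S+):(\d+|\*)\s+(\S+)")
HALF_OPEN = {"SYN_RECV", "SYN_RECEIVED"}   # server sent SYN+ACK and is still waiting for the ACK

def parse_netstat(text):
    rows = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            local_ip, local_port, remote_ip, remote_port, state = m.groups()
            rows.append({"local_ip": local_ip, "local_port": int(local_port),
                         "remote_ip": remote_ip, "remote_port": remote_port, "state": state})
    return rows

def half_open_by_source(rows):
    """How many half-open connections each remote address is holding on this host."""
    return Counter(r["remote_ip"] for r in rows if r["state"] in HALF_OPEN)

def suspicious_sources(rows, threshold=3):
    """Remote IPs at or above `threshold` half-open connections (threshold is a constructed choice)."""
    return sorted(ip for ip, n in half_open_by_source(rows).items() if n >= threshold)

def total_half_open(rows):
    """Overall half-open count: compare against the listen backlog size when tuning alerts."""
    return sum(half_open_by_source(rows).values())
```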
Security Resolution
- Use a firewall to protect the server from unwanted or flooded TCP SYNs.
- Build a culture of security. Never leave a TCP session unclosed.